package com.fr.plugin.filter;

import com.fr.decision.authority.AuthorityContext;
import com.fr.decision.authority.controller.AuthorityControllerImpl;
import com.fr.decision.authority.data.Authority;
import com.fr.decision.authority.data.User;
import com.fr.decision.authority.session.controller.AuthorityControllerAccess;
import com.fr.decision.fun.impl.AbstractGlobalRequestFilterProvider;
import com.fr.decision.webservice.Response;
import com.fr.decision.webservice.service.user.UserMiddleRoleService;
import com.fr.decision.webservice.v10.user.UserService;
import com.fr.log.FineLoggerFactory;
import com.fr.plugin.provider.ExtendAccessProvider;
import com.fr.plugin.provider.controller.VcsAuthController;
import com.fr.plugin.provider.entity.VscAuth;
import com.fr.plugin.transform.FunctionRecorder;
import com.fr.plugin.utils.IpUtil;
import com.fr.stable.StringUtils;
import com.fr.workspace.server.authority.FineAuthorityOperator;

import javax.servlet.FilterChain;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/***
 * @desc: 文件查询权限拦截
 * @author: zhuosh
 * @date: 2022-05-06
 */
@FunctionRecorder
public class CvsAuthFilter extends AbstractGlobalRequestFilterProvider {

    private FRLoginService frLoginService = new FRLoginService();

    private VcsAuthController vcsAuthController = new VcsAuthController();


    private String redirectUrl="/webroot/decision/html/noauth";


    @Override
    public String filterName() {
        return "cvsAuthFilter";
    }

    @Override
    public String[] urlPatterns() {
        return new String[]{
                "/decision/v10/entry/access/*",
        };
    }


    /**
     * 文件的查看---拦截判断是否有查看权限
     * @param req
     * @param res
     * @param filterChain
     */
    @Override
    public void doFilter(HttpServletRequest req, HttpServletResponse res, FilterChain filterChain) {
        String reqUrl = req.getPathInfo();
        FineLoggerFactory.getLogger().info("权限管理进入拦截器:{}",reqUrl);
        try {
            //判断是否为超级管理员
            String userName = frLoginService.getFRCurrentName(req);
            FineLoggerFactory.getLogger().info("权限拦截，当前登陆的用户名为:{}",userName);
            User user = UserService.getInstance().getUserByUserName(userName);
            //校验是否为超级管理员
            boolean isAdmin = UserMiddleRoleService.getInstance().isAdmin(user.getId());
            if(isAdmin){
                filterChain.doFilter(req, res);
                return;
            }
            //获取路径的最后一级信息
            String id = reqUrl.substring(reqUrl.lastIndexOf("/")+1);
            if(StringUtils.isEmpty(id)){
                filterChain.doFilter(req, res);
                return;
            }
            String fileName = getFileName(id);
            if(StringUtils.isEmpty(fileName)){
                res.sendRedirect(redirectUrl);
                return;
            }
            //做权限校验
            boolean flag = vcsAuthController.validAuth(fileName,userName, IpUtil.getIpAddress(req));
            if(!flag){
                res.sendRedirect(redirectUrl);
                return;
            }
            filterChain.doFilter(req, res);
        } catch (Exception e) {
            FineLoggerFactory.getLogger().error("文件权限校验异常",e);
        }
    }


    /***
     * 获取文件名
     */
    private String getFileName(String id){
        try {
            Authority authority = AuthorityContext.getInstance().getAuthorityController().getById(id);
            FineLoggerFactory.getLogger().info("查询到的权限信息为:{}",authority);
            if(authority != null){
                return authority.getPath();
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

}
